Monthly archives for May, 2014

Let me introduce Darryl van der Peijl, who wrote this guest blog on Out-of-Band Management in Windows Server 2012 R2 Hyper-V. Darryl has been working for Inovativ since April of this year and works in the same team as Marc van Eijk and myself, focusing on CloudOS, System Center Virtual Machine Manager and Windows Azure Pack.

In this post we will discuss Out-of-Band Management of virtual machines running on Hyper-V, and a glimpse into the future. Hyper-V in Windows Server 2012 R2 has a large number of significant improvements, but there’s a new feature called Guest Services that hasn’t been much in the spotlight yet. I’ll provide a quick overview of Hyper-V Guest Services and also an example of how it can be used to perform out-of-band operations.

Guest Services

Guest Services is disabled by default on VMs. To use it, it must be enabled on each VM that will make use of it. To enable Guest Services on a VM, you can configure the checkbox setting shown in the screenshot below.

And of course you can enable Guest Services with PowerShell, using the Enable-VMIntegrationService command.

Guest Services leverages the Hyper-V Virtual Machine Bus (VMBus) to which each VM is connected. The VMBus is a communication mechanism used for inter-partition communication and device enumeration on systems with multiple active virtualized partitions. Put simply: the hypervisor and virtual machines communicate with each other through the VMBus. For now, the only out-of-band operation Guest Services supports is the Copy-VMFile cmdlet.
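The enable-then-copy sequence described above, as an added example that is not part of the original post: it enables Guest Services only for the duration of one Copy-VMFile call and then restores the previous state. The function name, VM name and paths are hypothetical, and the service display name and the 'OK' status string assume an English-language host.

```powershell
# Added example. The VM name and paths in the usage line are hypothetical.
function Copy-FileOutOfBand {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $VMName,
        [Parameter(Mandatory)] [string] $SourcePath,       # path on the Hyper-V host
        [Parameter(Mandatory)] [string] $DestinationPath,  # path inside the guest
        [int] $TimeoutSeconds = 60
    )

    # Display name on an English-language host (assumption; it is localized elsewhere).
    $serviceName = 'Guest Service Interface'

    $service    = Get-VMIntegrationService -VMName $VMName -Name $serviceName -ErrorAction Stop
    $wasEnabled = $service.Enabled

    try {
        if (-not $wasEnabled) {
            Enable-VMIntegrationService -VMName $VMName -Name $serviceName -ErrorAction Stop
        }

        # The guest-side service needs a moment to start after being enabled.
        $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
        while ((Get-VMIntegrationService -VMName $VMName -Name $serviceName).PrimaryStatusDescription -ne 'OK') {
            if ((Get-Date) -gt $deadline) { throw "Guest Services did not become ready on $VMName." }
            Start-Sleep -Seconds 2
        }

        # The file travels host -> guest over the VMBus; no guest network is involved.
        Copy-VMFile -Name $VMName -SourcePath $SourcePath -DestinationPath $DestinationPath `
                    -FileSource Host -CreateFullPath -ErrorAction Stop
    }
    finally {
        # Restore the previous state so the channel is not left open.
        if (-not $wasEnabled) {
            Disable-VMIntegrationService -VMName $VMName -Name $serviceName
        }
    }
}

# Usage (hypothetical names):
# Copy-FileOutOfBand -VMName 'TenantVM01' -SourcePath 'C:\Staging\agent.msi' -DestinationPath 'C:\Temp\agent.msi'
```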

Out-of-Band Management

Out-of-band management (OOB), sometimes called lights-out management, involves the use of a dedicated management channel for device maintenance. The term “Out-of-Band” in this blog actually refers to a way to manage machines without using the network. Now you might think “Manage without network? Why?”

With routed VLANs you can easily manage your VMs using remote PowerShell, but network virtualization, although a very cool technology, also introduces some big challenges. Network virtualization isolates the network, meaning nobody can access the network without being in it. You may encounter a similar scenario with isolated development environments, or with VMs running in a DMZ, behind a firewall or using ACLs. So, how are you going to manage VMs which you can’t reach through network connectivity?

Right! Out-of-Band Management

So the goal is to manage VMs running on Hyper-V without having to worry about what network the VM is on, or if it’s even connected to any network.

A Glimpse into the future

My prediction is that the Virtual Machine Manager and Hyper-V product teams are working hard to get this type of management arranged. Virtual Machine Manager will be the center of Out-of-Band management, shooting commands through the VMM agent to the Hyper-V host. The Hyper-V server will pass these commands (PowerShell of course) through the VMBus to the VM using Integration Services.

This way you can manage any VM, connected to any network.

Other System Center components could also benefit from Out-of-Band management: monitor a VM while the network is down with Operations Manager, change a VM IP with Configuration Manager, etc. Since much is focused on Microsoft Azure, I am assuming this kind of functionality will also be available on Microsoft Azure and Windows Azure Pack through the APIs.

How cool would it be to pass PowerShell commands from your laptop on a public airport Wifi to your VMs on Azure?

Is there a catch?

The question is whether this functionality poses a potential risk for your VMs or even your whole environment. What would happen if the security of the APIs were breached? Would it be possible to execute commands within your VMs from anywhere? The Hyper-V Integration Services run as services with ‘Local System’ privileges, so in theory there will be no security restrictions within the VM.

The above paragraph is of course speculative, but if a file copy through the VMBus is possible… I suspect anything is.
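Because the guest side of this channel runs as Local System, a host administrator will want to know which VMs have it switched on. The following inventory script is an added example, not part of the original post; the approved VM names are hypothetical and the service display name assumes an English-language host.

```powershell
# Added example. $approved holds hypothetical VM names.
$serviceName = 'Guest Service Interface'   # English display name (assumption)
$approved    = @('TenantVM01', 'BuildVM02')

function Get-GuestServiceExposure {
    param([string[]] $ApprovedVMs = @())

    # One row per VM on this host: is the host-to-guest file channel enabled?
    Get-VM | ForEach-Object {
        $svc = Get-VMIntegrationService -VM $_ -Name $serviceName
        [pscustomobject]@{
            VMName   = $_.Name
            State    = $_.State
            Enabled  = $svc.Enabled
            Status   = $svc.PrimaryStatusDescription
            Approved = $ApprovedVMs -contains $_.Name
        }
    }
}

$report = Get-GuestServiceExposure -ApprovedVMs $approved
$report | Sort-Object VMName | Format-Table -AutoSize

# VMs with Guest Services enabled that are not on the approved list.
$unexpected = $report | Where-Object { $_.Enabled -and -not $_.Approved }
foreach ($vm in $unexpected) {
    # -WhatIf previews the change only; remove it to actually disable the service.
    Disable-VMIntegrationService -VMName $vm.VMName -Name $serviceName -WhatIf
}
```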

Recently I needed to update a Windows Azure Pack installation from RTM to Update 2. Because the servers had no Internet access, I needed an offline approach.

One way is to download the Windows Azure Pack 2013 Update 2 components, extract the files and install them one by one, carefully checking that only the installed components are updated. It is very easy to make a mistake and add unwanted ones on a WAP portal server.

Components

Because this approach only works for the WAP 2013 Update 2 components and doesn’t give you the partner components such as Gridpro and Cloud Cruiser, the offline Web Platform Installer approach is the best choice. In fact WebPI has been upgraded from version 4.6 to 5.0 containing Update 2 plus the 3rd party components.

Fellow blogger at Hyper-V.nu Marc van Eijk did an amazing job. At his first TechEd he delivered no less than three presentations. I went to every single one of them and was really proud to see him be so successful. Great job Marc!

Cameron Fuller and Maarten Goet realized that there was still a full day available and many MVPs were still hanging around in Houston on Friday. In cooperation with the Houston Area System Management User Group (HASMUG) they found enough sponsors to organize #TE14D5 or an informal community event offering two tracks: Enterprise Client Management (ECM) and Cloud and Datacenter Management (CDM).

I think that we all remember the day: 27th of August 2013. On this day Microsoft announced that Windows Server 2012 R2 had been released to manufacturing. This means that Microsoft hands over the software to their hardware partners for them to complete their final system validation.

Back in those days I was involved in a project for upgrading a Windows Server 2008 R2 Hyper-V environment to Windows Server 2012 R2. We started the project with a design phase and after that a POC phase. Although this was all successful, we could not continue to implement Windows Server 2012 R2 Hyper-V in production because there was no support for Windows Server 2012 R2 Hyper-V from the backup solution in use. The backup solution in place is: HP Dataprotector.

Positive as we are, we asked HP if Dataprotector would support Windows Server 2012 R2 the next month or the month after that. HP told us that we must be a little patient but in November there would be an announcement. That announcement was quite disappointing: HP Dataprotector support for Windows Server 2012 R2 (including Hyper-V) will be available in January 2014.

Hey, but we are patient! So we sit back and wait…

January 2014: Release of HP Dataprotector version 8.1. However, without support for Windows Server 2012 R2! HP told us that they could not make it this time but support for Windows Server 2012 R2, with Hyper-V, will be available in April 2014!

April 2014: Release of HP Dataprotector version 8.11… with support for Windows Server 2012 R2!!! So we could continue our project… no, just kidding, we couldn’t! Although there is support for Windows Server 2012 R2, there is no support for Hyper-V. Astonishment and dander all around. We got the feeling that we were being kept on a leash. HP told us in a very friendly way that they do not expect support for Windows Server 2012 R2 Hyper-V before September 2014.

Let’s hope it will be earlier than September. HP promised us to support Hyper-V 2012 R2 in the future and in a future version. When will this be? I’ve no idea, and I’m afraid that HP doesn’t have an idea right now either.

Unfortunately this is not the only frustration: a lot of customers are waiting for the final release of Lefthand OS 11, features like ODX (in 3PAR) are not working well, and so I could continue this story.